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1 . Claims 6-46 and new claims 47-54 are pending. Claims 1 - 5 were canceled. 

Response to Arguments 

2. Applicant's arguments filed 9/25/06 have been fully considered but they are not 
persuasive to overcome the prior art. 

Claim 29, Applicant argues the prior art does not teach or suggest: 

a network device including an electronic memory encoded with multiple 
respective virtual routers in the memory, said respective virtual routers including 
corresponding respective network databases which include respective control 
information, said respective virtual routers respectively including at least one respective 
network interface to a respective network domain : 

respective subscriber records in an electronic memory that include respective 
information as to network domains to which respective subscriber end stations of 
respective subscribers may be bound; 

multiple respective sub-interface data structures in the electronic memory 
respectively associated with respective subscribers; 

a computer program in electronic memory that searches respective subscriber 
records to identify respective network domains that may be accessed by respective 
subscriber ends stations of respective subscribers; and 

respective binding data structures that respectively bind respective sub-interface 
data structures associated with respective subscribers to respective network interfaces 
to respective network domains identified from searching respective subscriber records . 
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Examiner points out the prior art taught 

-A network device = a CPU and memory [Dobbin Fig 24], a host [Fig 17]; 
-A multiple virtual router [Dobbins, a VLAN switch =a virtual router with a virtual 
router directory represents a multiple virtual VLANs or virtual routers, Fig 19]; 

- subscriber records = a virtual directory always has the complete mapping of all 
known users within the domain [Dobbins, col 2 lines 66-67]; 

- binding data structures = dynamic binding the high level IP address to a low. 
level IP address [Dobbins, col 12 lines 40-53]; 

Claim 24, Applicant argues the prior art does not teach or suggest: 

- end stations and multiple network domains ; 

- virtual routers respectively each including at least one respective network 
interface for a respective network domain ; 

- sub-interface data structures ; 

- searching respective subscriber records to identify respective network 
domains ; 

Examiner points out the prior art taught 

- end stations and multiple network domains [Dobbins, Fig 20]; 

- virtual routers respectively each including at least one respective network 
interface for a respective network domain [Dobbins, VLAN switches =virtual 
routers, network interface= channel, port, col 12 lines 54-64]; 
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- sub-interface data structures [Cisco, sub-interface, page 1]; 

- searching respective subscriber records to identify respective network 
domains [Dobbins, searches its route table = records to identify the address = 
domain, col 24 lines 50-55]; 

Claim 1 8, Applicant argues the prior art does not teach or suggest: 

- a first virtual router , first network interface , a second virtual router which 
includes second network interface; 

- first sub-interface data structure 

- second sub-interface data structure 

- binding the at least one first network interface to the at least one first sub- 
interface data structure; and 

- binding the at least one second network interface to the at least one second 
sub- interface data structure. 

Examiner points out the prior art taught 

- a first virtual router , first network interface , a second virtual router which 
includes second network interface [Dobbins, multiple VLANs, col 10 line 53]; 

- first sub-interface data structure, second sub-interface data structure [Dobbins, 
first switch, second switch, col 9 lines 9-50, Fig 1; 
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- binding [Dobbins, binding, col 12 lines 40-53] ]the at least one first network 
interface to the at least one first sub interface data structure [Cisco, sub-interace, Page 
1]; and 

- binding [Dobbins, binding, col 12 lines 40-53]the at least one second network 
interface to the at least one second sub- interface data structure ][Cisco, sub-interace, 
Page 1]. 

Claims 6,8,10 [see response arguments of claims 18,24,29]. 

Claim 39, Applicant argues the prior art does not teach or suggest: 

- a single network device ; 

- share a set of physical resources ; 

Examiner points out the prior art taught 

- a single network device [Dobbins, a host, Fig 17] 

- share a set of physical resources [Dobbins, fast routing servers, col 21 lines 
15-21]. 

Claim 31 , Applicant argues the prior art does not teach or suggest: 
-virtual bridge; 
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-virtual bridge = virtual router, bridge network [Dobbins, col 8 lines 29; virtual 
router, col 6 lines 50]. 

Claim 33,35,37 Applicant argues the prior art does not teach or suggest: 
-multiple virtual routers within a single network device; 

Examiner points out the prior art taught 

-multiple virtual routers within a single network device [Dobbins, multiple VLANs, 
col 10 line 53; and a host, Fig 17]. It's clearly that a node or host or server having a 
software which generates a multiple virtual routers for management was well-known in 
the art. Moreover, a subject matter (a software which generates a multiple virtual 
routers) stored in single one or more device is unpatentable. 

Rejection Clarification 

3. Applicant request to clarification between the Cisco-Radius Commands and 
Cisco-ATM Commands is not appropriate since these limitations are not exist in claim 
language. 

Claim Rejections - 35 USC §112 

4. Claim 29 is rejected under 35 U.S.C. 112, second paragraph, as being indefinite 
for failing to particularly point out and distinctly claim the subject matter which applicant 
regards as the invention. 

i.e.: subscribers may be bound 
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5. Claim 33 is rejected under 35 U.S.C. 112, second paragraph, as being indefinite 
for failing to particularly point out and distinctly claim the subject matter which applicant 
regards as the invention, (i.e.: a first physical interface . It's obvious to a network device 
has a network interface as the first network interface.) 

Claim Rejections - 35 (JSC § 103 

The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

Claims 6-54 are rejected under 35 U.S.C. § 103 as being unpatentable over Dobbins et 

al [Dobbins, 5,825,772] in view of Cisco et al [Radius Commands]. 

6. Claim 31 , Dobbins-Cisco disclose A network device comprising: 
at least one processor; memory; I/O [Dobbins, a NMS, Fig 16]; 

at least one virtual bridge in the memory, said at least one virtual bridge 

including a network interface [Dobbins, bridges, col 7 lines 55-57]; 

a sub-interface data structure in the memory [Cisco, sub-interface, page 1]; and 
a binding data structure in the memory which binds the network interface to the 

sub-interface data structure [Dobbins, dynamically bind the high level IP address to a 

low level IP address col 12 lines 40-53]. 
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7. Claim 32 Dobbins-Cisco disclose the network interface is a layer 2 network 
interface (i.e.: link layer) [Dobbins, link state switching table, col 15 lines 1-15]; the sub- 
interface data structure is a layer 2 interface data structure [Cisco, sub-interface, page 
1]; and the binding data structure is layer 2/2 binding structure which binds the layer 2 
network interface to the layer 2 interface data structure [Dobbins, dynamically bind the 
high level IP address to a low level IP address col 12 lines 40-53]. 

8. Claim 33 Dobbins-Cisco disclose An apparatus comprising: 

a single network device including, a set of one or more processors [Dobbins, a 
NMS, Fig 16]; 

a first physical interface , the first physical interface coupled to a network 
[Dobbins, a host port, Fig 17]; 

a machine-readable medium having stored therein a set of instructions to 
cause the set of one or more processors to instantiate a first virtual router comprising a 
network interface and a first database [Dobbins, a host agent, management agent, a 
discovery agent, a VLAN agent, col 20 lines 27-41; with database, Fig 18], to instantiate 
a second virtual router comprising a network interface and a second database [Dobbins, 
the precise instance of the database, col 14 lines 47-64], and to bind with a. data 
structure the first virtual router network interface to the first physical interface [Dobbins, 
bind, col 12 lines 46], wherein the first virtual router routes packets according to the first 
database within a first network domain (i.e.: a VLAN) through the first virtual router 
network interface and the first physical interface , and wherein the second virtual router 
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routes packets according to the second database within a second network domain 
[Dobbins, multiple VLAN, col 10 line 53; the master switch, packets, database, col 14 
lines 17-35]. 

9. Claim 34 Dobbins-Cisco disclose a second physical interface, the second 
physical interface coupled to the network, wherein the set of instructions further causes 
the single network device to bind with another data structure the second virtual router 
network interface to the second physical interface, and wherein and the second virtual 
router routes packets through the second virtual router network interface and the 
second physical interface [Dobbins, bind, col 12 lines 46]. 

10. Claims 35-38 contain the identical limitations set forth in claims 35-36. Therefore 
claims 35-38 are rejected for the same rationale set forth in claims 35-36. 

11. Claim 39 Dobbins-Cisco disclose An apparatus comprising: 

a single network device including, a set of one or more processors [Dobbins, a 
NMS, Fig 16]; 

a first plurality of ports to communicate packets of a plurality of subscribers; a 
second plurality of ports to communicate packets [Dobbins, ports links to client 208, 
ports links to Router 206, Fig 20]; and 

a machine-readable medium having stored therein a set of instructions to 
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cause the set of processors to, instantiate a plurality of virtual network machines, 
wherein the plurality of virtual network machines are virtually independent but share a 
set of physical resources within the single network device [Dobbins, VLAN having full 
connectivity (sharing broadcast, multicast and unicast) independent of any particular 
physical location, col 8 lines 17-27], 

wherein each of the plurality of virtual network machines is one of a virtual router 
and a virtual bridge, and wherein each of the plurality of virtual network machines 
belong to a network domain, receive subscriber records associated with the plurality of 
subscribers [Dobbins, virtual router, col 6 line 50], 

wherein each of the plurality of subscribers are associated with a virtual circuit on 
one of the first plurality of ports, wherein each of the first and second plurality of ports is 
associated with one or more sub-interfaces [Cisco, sub-interface, page 1], and 

wherein each of the virtual circuits is associated with one of the sub-interfaces 
associated with the one of the first plurality of ports that the virtual circuit is on [Cisco, 
sub-interface, page 1], and 

dynamically bind a set of one or more network interfaces of each of the virtual 
network machines to a set of one or more of the sub-interfaces, such that each of the 
virtual circuits is communicatively coupled with one of said plurality of virtual network 
machines based on the subscriber record of the subscriber associated with that virtual 
circuit and such that at least some of the virtual network machines are communicatively 
coupled to one of the second plurality of ports, wherein the bindings are represented 
with a plurality of data structures [Dobbins, dynamically bind, col 12 line 46]. 



Application/Control Number: 10/020,388 



Art Unit: 2142 



Page 1 1 



12. Claim 40 Dobbins-Cisco disclose the set of instructions further causes the set of 
processors to retrieve the subscriber records from a server that runs authentication, 
authorization, and accounting protocols [Dobbins, secure policy, col 17 line 29]. 

13. Claim 41 Dobbins-Cisco disclose the set of instructions further causes the set of 
processors to change the binding of one of the virtual circuits to a different one of said 
plurality of virtual network machines, wherein the binding change is based on the 
subscriber's subscriber record [Dobbins, bind, col 12 lines 46]. 

14. Claim 42 Dobbins-Cisco disclose the binding change is based on time of day 
[Dobbins, ack Timer A4, Fig 9]. 

1 5. Claim 43 Dobbins-Cisco disclose the set of instructions further causes the set of 
processors to, bind one of the network interfaces associated with a first of the plurality 
of virtual network machines to a sub-interface for a first virtual circuit associated with a 
first port of one of the first and second plurality of ports [Dobbins, first switch and 
second switch, col 9 lines 40-50], and bind one of the network interfaces associated 
with a second of the plurality of virtual network machines to a sub-interface for a second 
virtual circuit associated with the first port [Dobbins, bind, col 12 lines 46]. 
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16. Claim 44, Dobbins-Cisco disclose the set of instruction instructions further 
causes the set of processors to, bind one of the network interfaces associated with a 
first of the plurality of virtual network machines to a sub-interface for a first virtual circuit 
associated with a first port of one of the first and second plurality of ports [Cisco, sub- 
interface, page 1], and bind another one of the network interfaces associated with the 
first of the plurality of virtual network machines to a sub-interface for a second virtual 
circuit associated with the first port [Dobbins, bind, col 12 lines 46]. 

1 7. Claim 45 Dobbins-Cisco disclose instructions further causes the set of 
processors to forward, within the network domains to which the virtual network 
machines belong, packets received over the virtual circuits communicatively coupled 
with the virtual network machines out the second plurality of ports [Dobbins, a list of 
ports, col 12 line 62]. 

18. Claim 46 Dobbins-Cisco disclose the second plurality of ports is communicatively 
coupled to different ones of service providers and different virtual network machines 
have access to the different ones of the service providers [Dobbins, a plurality od 
resolve servers, col 21 line 23]. 

1 9. Claim 47 Dobbins-Cisco disclose An apparatus comprising: 

a single network device including, a set of one or more processors [Dobbins, a 
NMS, Fig 16]; 
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a plurality of ports to communicate a plurality of independent information flows of 
packets through the single network device between a plurality of end stations [Dobbins, 
Fig 5a-b, Fig 20]; and 

a machine-readable medium having stored therein a set of instructions to 
cause the set of processors to, instantiate a plurality of virtual network machines to 
forward the plurality of information flows through the single network device, wherein 
the plurality of virtual network machines are virtually independent but share a set of 
physical resources within the single network device [Dobbins, VLAN having full 
connectivity (sharing broadcast, multicast and unicast) independent of any particular 
physical location, col 8 lines 17-27], 

wherein each of the plurality of virtual network machines is one of a virtual router 
and a virtual bridge [Dobbins, bridges and routers, col 7 line 56], 

wherein the plurality of virtual network machines belong to different network 
domains with accounting for different administrative authorities [Dobbins, secure policy, 
col 17 line 29], 

wherein each of the virtual network machines include one or more network 
interfaces, and wherein each of the plurality of ports is associated with one or more sub- 
interface data structures [Dobins, a. list of network ports, col 12 line 62], and 

dynamically bind, with a plurality of binding data structures [Dobbins, dynamically 
bind, col 12 lines 46], 

the network interfaces of each of the virtual network machines to different ones of 
the sub-interface data structures [Cisco, sub-interface, page 1] to couple each of the 
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plurality of information flows to a currently appropriate one of the plurality of virtual 
network machines [Dobbins, inspect current connections, col 16 lines 27-40] based on 
current authorization of that information flow [Dobbins, different types of services, col 15 
lines 33-37], and 

wherein the bindings are dynamic based on a change in the authorization of each 
of the plurality of information flows [Dobbins, security restrictions, col 2 line 26]. 

20. Claim 48, Dobbins-Cisco disclose the set of instructions further causes the set of 
processors to receive records associated with a plurality of virtual circuits, and each of 
the virtual circuits is communicatively coupled with one of said plurality of virtual network 
machines based on the record associated with that virtual circuit [Dobbins, Fig 19]. 

21 . Claim 49, Dobbins-Cisco disclose the set of instructions further causes the set of 
processors to retrieve the records from a server that runs authentication, authorization, 
and accounting protocols [Dobbins, security restrictions, col 2 line 26]. 

22. Claim 50, Dobbins-Cisco disclose the set of instructions further causes the set of 
processors to change the binding of one of the virtual circuits to a different one of said 
plurality of virtual network machines, wherein the binding change is based on the record 
associated with the virtual machine [Dobbins, bind, col 12 lines 46]. 
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23. Claim 51 , Dobbins-Cisco disclose the binding change is based on time of day 
[Dobbins, ack Timer A4, Fig 9]. 

24. Claim 52, Dobbins-Cisco disclose the set of instructions further causes the set of 
processors to, bind one of the network interfaces associated with a first of the plurality 
of virtual network machines to a sub-interface data structure for a first virtual circuit 
associated with a first port of one of the plurality of ports [Dobbins, bind, col 12 lines 46], 
and bind one of the network interfaces associated with a second of the plurality of virtual 
network machines to a sub-interface data structure for a second virtual circuit 
associated with the first port [Cisco, sub-interface, page 1]. 

25. Claim 53 Dobbins-Cisco disclose the set of instructions further causes the set of 
processors to bind one of the network interfaces associated with a first of the plurality of 
virtual network machines to a sub-interface data structure for a first virtual circuit 
associated with a first port of one of the plurality of ports [Dobbins, bind, col 12 lines 46], 
and bind another one of the network interfaces associated with the first of the plurality of 
virtual network machines to a sub-interface data structure for a second virtual circuit 
associated with the first port [Cisco, sub-interface, page 1]. 

26. Claim 54, Dobbins-Cisco disclose the binding change for one of the plurality of 
information flows is based on change in service associated with the information flow 
[Dobbins, bind, col 12 lines 46]. 
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27. Claims 6-30 contain identical limitations set forth in claims 31-54. Therefore 
claims 6-30 are rejected for the same rationale set forth in claims 31-54. 



Conclusion 



THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time 
policy as set forth in 37 CFR 1 . 1 36(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within TWO 
MONTHS of the mailing date of this final action and the advisory action is not mailed until after 
the end of the THREE-MONTH shortened statutory period, then the shortened statutory period 
will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 
CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, 
however, will the statutory period for reply expire later than SIX MONTHS from the mailing 
date of this final action. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Thong H. Vu whose telephone number is 571-272-3904. The 
examiner can normally be reached on 6:00-3:30. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Andrew Caldwell can be reached on 571-272-3868. The fax phone number for the 
organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would 
like assistance from a USPTO Customer Service Representative or access to the automated 
information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000, 
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